摘要: | 資訊安全服務業屬於專業技術與人力密集的產業,隨著資訊科技進步、企業數位轉型與後疫情時代的來臨,面對全球性地網路攻擊威脅,資訊韌性與防護能力成為企業面對資安威脅的新戰力。此時,協助企業面對無預警地網路攻擊,適時提供資安防禦解決方案的資安服務商扮演著極重要的角色。 本研究個案A公司為台灣資安服務產業SOC(Security Operation Center)營運管理服務的領導品牌,擁有SOC資安營運中心建置與管理豐富經驗,為產業的標竿企業。本研究主要探討資安服務價值鏈活動,從個案公司的內部優劣勢,外在環境機會與威脅,剖析個案公司及其他關聯公司,從不同的客戶服務事業進行價值鏈及相關探討,最後提出適配的事業級策略建議。 本文採用個案研究法,論述資料包含與產業高階主管的深度訪談,與相關前人研究文獻,本研究由此進行彙整、分析與推論,從個案公司的價值鏈活動、產業價值系統與產業生命週期等面向分析研究,推論「差異化」為個案公司於資安服務產業中脫穎而出的主因。 近期駭客攻擊手法日新月異,對企業網路造成之威脅與日俱增,為資安市場帶來極大變數,資安業者競爭白熱化,高度客製化是資安業者提供服務價值的關鍵,建議資安服務商應以差異化策略或集中差異化策略,提供卓越、獨特與創新的服務價值,奠定企業永續發展的競爭優勢。;The cyber security service industry was a professional technology and manpower-intensive industry. With the advancement of information technology and the digital transformation of enterprises, and the advent of the post-pandemic era, there were unwarranted cyber-attack threats from all over the world, and information resilience had become an enterprise’s defense capability, which the crux of sustainable operation. To be confronted with the diversity of cyberattacks, providing cyber security services became especially important to assist enterprises in cyber security and network protection. The information service company that provided assists the enterprise to antagonism network attack through information Resilience and protection capability turned to play an important role. Company A, which this thesis chose to take a case study, was the leading brand of SOC(Security Operation Center) in Taiwan’s cybersecurity service industry. Company A was a benchmarking of the cybersecurity service industry, they possessed the rich experience and established a SOC Operations Center. This research mostly investigated the industrial value chain activities with the customer service business. Then analyzed internal strengths and weaknesses and external opportunities and threats, combined with the main activities and support activities of the value chain. Eventually, summarize business-level strategic recommendations for the competitive advantage of the case company. This research adopted the case study method, mostly conducting in-depth interviews with senior executives of the industry and secondary literature collection. Then conducting data collection analysis and inference. "Differentiation" was an important factor in standing out. Through "differentiation", not only can them had sustainable competitiveness, but also a critical factor for the sustainable operation of cyber security service providers. Recently, hacker attacks changed with each passing day, and cyber threats grew with each pass, bringing great variability to the information security market. The cyber security service market had undergone many changes, as well as the threat of new entrants from competitors. Therefore, this research recommended that a differentiated strategy or a focused differentiation strategy should be adopted to enable companies to grow sustainably and profitably in the long term. |